Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




180 posts

Master Geek
+1 received by user: 43

Lifetime subscriber

Topic # 248112 10-Mar-2019 21:54
Send private message quote this post

So, I had a bit of a journey with an OpnSense install and my VLAN setup (still ongoing). Mostly to my personal lack of networking know how.

After a week I got so frustrated I just bought an EdgeRouter ER-4. Everyone and their dog saying they are the best bang for buck. I have a Gig fibre and apparently this thing just works.

Well... While it is a pretty sexy box and the UI is marvelously slick and it is impressive. Two things are killer features.

A)My OpnSense box (admittedly easily outpowering the ER-4) gets about 100mbit more downstream and 200mbit more up (ER-4 maxxed out at about 720/280, where the OS box did 870/510)!! That's nothing to sneeze at. Especially the up, which is why I have that link in the 1st place. And then, killer #2 (which I missed before buying), the LAGG support is well...only really theoretical.

I did try a lot of settings and googling but no avail. Also the same issues as with OpnSense appeared so it wasn't that. I hope I can return the ER-4 on Monday otherwise there will be one going here. Still a good box but you can have more for less I guess. Just thought I'd share. I'd definitely go for it for lower rates but then probably a smaller ER would do the job too.

Create new topic
Mr Snotty
8423 posts

Uber Geek
+1 received by user: 4350

Moderator
Trusted
Lifetime subscriber

  Reply # 2195362 10-Mar-2019 22:29
One person supports this post
Send private message quote this post

This sounds like you have not got Offloading enabled (or are using a feature that disables it) on the Edgerouter 4. I am running one, and can get full line speed no problems:

 

 

 

This is on the EdgeOS v2.0.0 firmware. Post the output of "show ubnt offload".





2499 posts

Uber Geek
+1 received by user: 748

Trusted
Lifetime subscriber

  Reply # 2195366 10-Mar-2019 22:44
Send private message quote this post

Have a look here, if you have not already done so.  https://help.ubnt.com/hc/en-us/articles/115006567467-EdgeRouter-Hardware-Offloading 

 

Also, try removing/disabling the majority of your firewall rules (of course leaving NAT in place) and see if that makes a difference.





"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

 
 
 
 


defiant
809 posts

Ultimate Geek
+1 received by user: 414

Lifetime subscriber

  Reply # 2195368 10-Mar-2019 22:48
Send private message quote this post

ER4 here, no complaints

 




180 posts

Master Geek
+1 received by user: 43

Lifetime subscriber

  Reply # 2195472 11-Mar-2019 07:30
Send private message quote this post

Yes, offloading is activated and bar general block rule no firewall rules in place. As I said I would have expected what you guys see.

Mr Snotty
8423 posts

Uber Geek
+1 received by user: 4350

Moderator
Trusted
Lifetime subscriber

  Reply # 2195700 11-Mar-2019 11:05
Send private message quote this post

olivernz: Yes, offloading is activated and bar general block rule no firewall rules in place. As I said I would have expected what you guys see.

 

As I believe you're on 2degrees:

 

1508 MTU - ONT Ethernet Interface.
1508 MTU - VLAN Interface.
1500 MTU - PPPoE Dialer.

 

Ensure you don't have TCP MSS clamping enabled. Also my offloading has the following enabled:

 

IP offload module : loaded
IPv4
forwarding: enabled
vlan : enabled
pppoe : enabled
gre : disabled
bonding : disabled
IPv6
forwarding: enabled
vlan : enabled
pppoe : disabled
bonding : disabled

 

IPSec offload module: loaded

 

Traffic Analysis :
export : enabled
dpi : enabled
version : 1.422

 

You didn't happen to set it up with Bridging enabled by any chance? There are a few things that disable offloading (see the link above).





3523 posts

Uber Geek
+1 received by user: 1456

Subscriber

  Reply # 2195791 11-Mar-2019 12:40
Send private message quote this post

Check the CPU load on the Edgerouter while doing a speedtest. If it goes to 100% or close to it, then you have done something that is causing offloading to be disabled.

Although I dont own an Edgerouter 4, I do have an Edgerouter Lite. And CPU load is only around 30% or so during a gigabit speedtest.





13 posts

Geek


  Reply # 2196191 12-Mar-2019 02:16
Send private message quote this post

I had a bad run initially with the Edgerouter 4.
First I had a faulty ONT LAN 1 port(not an ER issue), then I was not overly impressed with the version 2.0 firmware.
I find the latest stable 1. mainline firmware much more robust, 1.10.9 was installed today.

https://www.ui.com/download/edgemax/edgerouter-4

Now as for my 2degrees connection, I get around 935Mbit/s down and 400 up, as per my plan.
This is with hardware offload enabled.
This is with a few firewall rules.
This is with DPI enabled.
This is with QOS *disabled*, as soon as I enable FQ_CODEL, SFQ, PFIFO or any QOS my speed drops back to half of the above if that. PFIFO was the worst performance wise.

If I would do it again I would probably do PFSense.

Early days for a conclusion but 1 year warranty for an ER4 at $350 retail, I do not know, looks borderline to me.
But as for your question, the ER4 can do wire speed no problem
In fact, I would go as far as you would not even need a network switch, when I tested it without it using the bridge, it delivered wire speed just fine.
Now it is plugged into a Netgear GS105 and that small switch is impressive, does 940Mbit all day long.




180 posts

Master Geek
+1 received by user: 43

Lifetime subscriber

  Reply # 2196495 12-Mar-2019 12:48
3 people support this post
Send private message quote this post

Hi all,

Thanks for that. Probably missed something in the config. HW offload was properly enabled (was on 1.10.9).

Anyway managed to give it back an am back on my OpnSense. Since I had the same issues with both it must be something downstream. I have the HW anyway so why spend the extra money. Especially since OpnSense doesn't have any issues with my LAGG LACP connection to the switch.

And yes, no private household will ever need that firepower but I am trying to learn as it peripherally aids me at my work.

Thanks for the support! And I wouldn't knock the product especially since everyone but me is managing (common factor in the problem here is me ;-)

Cheers Oliver

206 posts

Master Geek
+1 received by user: 13

Subscriber

  Reply # 2196497 12-Mar-2019 12:56
Send private message quote this post

Just out of curious, where did you get yours from?


Create new topic


Donate via Givealittle


Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Amazon introduces new Kindle with adjustable front light
Posted 21-Mar-2019 20:14


A call from the companies providing internet access for the great majority of New Zealanders, to the companies with the greatest influence over social media content
Posted 19-Mar-2019 15:21


Two e-scooter companies selected for Wellington trial
Posted 15-Mar-2019 17:33


GeForce GTX 1660 available now
Posted 15-Mar-2019 08:47


Artificial Intelligence to double the rate of innovation in New Zealand by 2021
Posted 13-Mar-2019 14:47


LG demonstrates smart home concepts at LG InnoFest
Posted 13-Mar-2019 14:45


New Zealanders buying more expensive smartphones
Posted 11-Mar-2019 09:52


2degrees Offers Amazon Prime Video to Broadband Customers
Posted 8-Mar-2019 14:10


D-Link ANZ launches D-Fend AC2600 Wi-Fi Router Protected by McAfee
Posted 7-Mar-2019 11:09


Slingshot commissions celebrities to design new modems
Posted 5-Mar-2019 08:58


Symantec Annual Threat Report reveals more ambitious, destructive and stealthy attacks
Posted 28-Feb-2019 10:14


FUJIFILM launches high performing X-T30
Posted 28-Feb-2019 09:40


Netflix is killing content piracy says research
Posted 28-Feb-2019 09:33


Trend Micro finds shifting threats require kiwis to rethink security priorities
Posted 28-Feb-2019 09:27


Mainfreight uses Spark IoT Asset Tracking service
Posted 28-Feb-2019 09:25



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.